LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-17-2009, 11:59 PM   #1
spider661
LQ Newbie
 
Registered: Sep 2009
Posts: 3

Rep: Reputation: 0
tailing a log file and beeping if it finds an entry?


hi i have a log file.. im trying to tail -f the file and grep "connection attempt" and if it finds that line then need it to output it the a diff file them beep..

I installed the beep command im using debian. So on the command prompt I type beep and the computer beeps.. Or I can do usr/bin/beep to make it beep

Im trying to do this in a shell/bash (not sure which to call it) script.

so far I have tried everything I can think of.

Code:
#!/bin/sh

tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt"
if [ $? -eq 0 ]; then
echo beep
echo connection made>log.txt
tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt"
fi
This is a bit of code I got from another site that looks like it would do what I want but does nothing except the
tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt") line and keeps outputting it on screen.

any help would be nice.. thanks.

Last edited by spider661; 09-18-2009 at 12:33 AM.
 
Old 09-18-2009, 02:12 AM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.9, Centos 7.3
Posts: 17,362

Rep: Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377Reputation: 2377
-f means 'follow the file' so it never 'completes'/returns. Try

tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt" && beep

not sure if that'll do it, give it a try.
 
Old 09-18-2009, 02:45 AM   #3
catkin
LQ 5k Club
 
Registered: Dec 2008
Location: Tamil Nadu, India
Distribution: Debian
Posts: 8,576
Blog Entries: 31

Rep: Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195Reputation: 1195
The problem, as you have found out, is that tail -f never exits so the next line of the script is not executed. So you need to set tail -f and grep running and then loop looking for output from them.

Maybe something like this (in bash, not sh, I hope that's OK for you. Not tested)
Code:
#!/bin/sh

# Set up temporary directory
tmp_dir="$( mktemp -d "/tmp/${0%%*/}.XXXX" 2>&1 )"
if [[ $? -ne 0 ]]; then
    echo "Unable to create temporary directory:$lf$tmp_dir" >&2
    \exit 1
fi
out="$tmp_dir/output"

# Start monitoring
# - Uses stderr rather than stdout so writes are not buffered.
# - Backgrounded.
tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt" 2>"$out" >&2 &

# Watch for output
while true
do
    if [[ -s "$out" ]]; then
        <beep stuff>
        echo connection made>log.txt
        echo -n > "$out"  # empty grep's output file
    fi
    sleep 1
done
 
Old 09-18-2009, 04:22 AM   #4
antegallya
Member
 
Registered: Jun 2008
Location: Belgium
Distribution: Debian
Posts: 109

Rep: Reputation: 42
Hello,
the inotify kernel subsystem is appropriate for such things. It monitors files or directories and send events when there's a change, so there's no busy waiting.
If you don't want to code a C program for that and want a simple shell script, there's the inotify-tools (not part of an lsb, so you'll probably need to install it) and here is a script using this :
Code:
#!/bin/sh
while inotifywait -e modify /home/nwnserver/nwn/logs.0/nwserverLog1.txt; do
  if tail -n1 /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt"; then
    beep
  fi
done
 
Old 09-18-2009, 05:38 AM   #5
lutusp
Member
 
Registered: Sep 2009
Distribution: Fedora
Posts: 835

Rep: Reputation: 102Reputation: 102
Quote:
Originally Posted by spider661 View Post
hi i have a log file.. im trying to tail -f the file and grep "connection attempt" and if it finds that line then need it to output it the a diff file them beep..

I installed the beep command im using debian. So on the command prompt I type beep and the computer beeps.. Or I can do usr/bin/beep to make it beep

Im trying to do this in a shell/bash (not sure which to call it) script.

so far I have tried everything I can think of.

Code:
#!/bin/sh

tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt"
if [ $? -eq 0 ]; then
echo beep
echo connection made>log.txt
tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt"
fi
This is a bit of code I got from another site that looks like it would do what I want but does nothing except the
tail -f /home/nwnserver/nwn/logs.0/nwserverLog1.txt | grep "Connection Attempt") line and keeps outputting it on screen.

any help would be nice.. thanks.
You are misusing "tail". "tail -f" never exits. You want "tail --lines=N" which delivers N number of lines and exits.

Code:
while true
do
   if tail --lines=20 /var/log/messages | grep -i "connection attempt"
   then
      beep
   fi
   sleep 10
done
Untested.
 
Old 09-18-2009, 12:23 PM   #6
spider661
LQ Newbie
 
Registered: Sep 2009
Posts: 3

Original Poster
Rep: Reputation: 0
thanks the last 2 worked i opted to go with the inotify one. the last one worked also but it keeps reading the same lines over and over again till something changed i needed it to read the last line and if it was the same not report it like the -f does.

thanks guys really big help
 
Old 09-18-2009, 12:31 PM   #7
antegallya
Member
 
Registered: Jun 2008
Location: Belgium
Distribution: Debian
Posts: 109

Rep: Reputation: 42
Only report lines that are different from the preceding one could be done with :
Code:
tail -f file | uniq
 
Old 09-18-2009, 12:44 PM   #8
spider661
LQ Newbie
 
Registered: Sep 2009
Posts: 3

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by antegallya View Post
Only report lines that are different from the preceding one could be done with :
Code:
tail -f file | uniq
that's not what i mean, what i mean is it reads the logs last 20 lines.. then so many secs later does it again.. if the log has not updated with a new 20 lines it prints them out again and i just needed to know when someone was connecting not that they connected over and over again till someone new connects..

but very nice to know that i can do that none the less.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Scalp: Log Analyzer Finds Web Attacks LXer Syndicated Linux News 0 09-18-2008 10:41 AM
Continious tailing of a log files, changing inodes twofruits Programming 1 09-14-2007 11:57 PM
Crazy scrolling when tailing remote file over ssh bram2000 Linux - Software 1 02-10-2006 09:06 AM
Log File entry Mclewson Linux - Security 1 06-29-2005 09:21 AM
suspicious entry in /var/log/auth.log buehler Linux - Security 5 04-27-2005 05:11 PM


All times are GMT -5. The time now is 02:39 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration